Dylan Davis
34e9b2c04b
Change ipmi_dumphashes to have non-verbose output, ever
2017-06-02 14:27:21 -06:00
Jeffrey Martin
2924318ca5
update java_rmi_server modules with CVE
2017-06-02 12:59:48 -05:00
HD Moore
eebfd9b7f2
Switch to the mixin-provided SMB share enumeration methods
2017-05-26 17:02:06 -05:00
juushya
af4eafdf70
Updated module and doc
2017-05-24 06:33:08 +05:30
James Lee
4def7ce6cc
Land #8327 , Simplify storing credentials
2017-05-18 16:49:01 -05:00
h00die
b2f69e9018
spelling
2017-05-15 21:11:19 -04:00
Brent Cook
faf01ed5ef
Land #8353 , add aux scanner for Intel AMT digest bypass
2017-05-09 18:45:21 -05:00
HD Moore
f7ff840ef0
Add missing return, thanks bperry!
2017-05-08 14:08:59 -05:00
HD Moore
9392e48b72
Add a scanner for Intel AMT auth bypass (CVE-2017-5689)
2017-05-08 13:24:00 -05:00
Jeffrey Martin
a1efa30fa2
comments adjustments & enum better
2017-05-08 11:57:06 -05:00
Brendan Coles
635a7a42e6
Update style lotus_domino_hashes
2017-05-07 16:37:48 +10:00
Jeffrey Martin
e2fe70d531
convert store_valid_credential to named params
2017-05-05 18:23:15 -05:00
Jeffrey Martin
63b6ab5355
simplify valid credential storage
2017-05-04 22:51:40 -05:00
darkbushido
81bcf2ca70
updating all LHOST to use the new opt type
2017-05-04 12:57:50 -05:00
William Vu
64452de06d
Fix msf/core and self.class msftidy warnings
...
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
William Vu
1a402ed1d8
Add arch to smb_ms17_010 DOUBLEPULSAR detection
2017-04-26 20:59:13 -05:00
Brent Cook
f8792956ee
fix one module for testing
2017-04-26 16:21:13 -05:00
zerosum0x0
55f01d3fc7
made the plugin less spammy with more vprintf
2017-04-24 13:33:05 -06:00
zerosum0x0
453ca6e3bf
added OS printing on vulnerable systems
2017-04-24 13:20:44 -06:00
zerosum0x0
a69aba0eab
added XOR Key calculation
2017-04-22 23:54:30 -06:00
zerosum0x0
8a77bf7b60
removed wrong comments
2017-04-21 08:27:13 -06:00
zerosum0x0
9fab64c60e
added references
2017-04-20 15:22:37 -06:00
zerosum0x0
dd12afd717
added DoublePulsar detection
2017-04-20 15:03:29 -06:00
William Vu
942959f7e8
Land #8255 , fixes for smb_ms17_010
2017-04-17 11:38:34 -05:00
Brent Cook
7b936b0012
Land #8184 , convert IPMI protocol and modules to bindata
2017-04-17 07:40:15 -05:00
Brent Cook
6f70efcfa1
add module documentation
2017-04-17 07:39:43 -05:00
William Vu
b1c7f1302b
Fix report_vuln and prefer vprint_error
2017-04-17 02:48:56 -05:00
Brent Cook
42122d2835
Land #8238 , move SMB2 support back into smb_login, add simpler permissions checks
2017-04-14 14:06:46 -05:00
dmohanty-r7
d75f852d01
Land #8167 , Add MS17-010 auxiliary detection module
2017-04-14 13:00:16 -05:00
David Maloney
91fb3ce6b8
collapse SMB2 support into smb_login
...
converge the SMB and SMB loginscanners so that
there is only one SMB loginscanner that supports both
MS-2636
2017-04-13 15:22:03 -05:00
David Maloney
adeb4d10d7
smb2 login scanner admin check now working
...
we can now check for admin privs in the smb2
login scanner
MS-2636
2017-04-13 14:40:32 -05:00
William Webb
c867b7e228
Land #8204 , Add Cambian ePMP SNMP Configuration download
2017-04-11 10:59:13 -05:00
zerosum0x0
f7c8bd2464
add rescue for ::Rex::Proto::SMB::Exceptions::LoginError
2017-04-07 15:37:56 -06:00
juushya
e65eacce49
Add Satel SenNet Command Exec Module
2017-04-07 02:22:11 +05:30
juushya
3c189f0cb0
Adding Cambium SNMP Loot module
2017-04-07 01:32:45 +05:30
Brent Cook
5f88971ca9
convert NTP modules to bindata
2017-04-04 02:57:38 -05:00
Brent Cook
46c7e822c8
convert IPMI protocol and modules to bindata
2017-04-04 02:44:17 -05:00
Brent Cook
98ffa4d380
Land #7652 , add varnish cache CLI authentication scanner module
2017-04-02 21:52:45 -05:00
zerosum0x0
26fc6bc920
added report_vuln()
2017-04-01 21:48:19 -06:00
William Webb
035f37cf42
Land #8144 , Add Moxa Device Discovery Scanner Module
2017-03-31 19:11:27 -05:00
William Webb
f870f94fa9
Land #8163 , Add Cambium ePMP Arbitrary Command Execution
2017-03-31 19:06:19 -05:00
zerosum0x0
4bd50b0ad2
Merge branch 'ms17-010' of github.com:RiskSense-Ops/metasploit-framework into ms17-010
2017-03-30 10:10:08 -06:00
zerosum0x0
a125566fc7
removed unnecessary arguments
2017-03-30 10:09:31 -06:00
zerosum0x0
ef7de6d49e
added MSB to description, moved a print statement
2017-03-29 17:43:49 -06:00
zerosum0x0
68f5c0e663
removed a print statement
2017-03-29 16:24:59 -06:00
zerosum0x0
7e6b8b02b8
replaced magic constant with setup_count
2017-03-29 15:37:28 -06:00
zerosum0x0
9923c39799
removed superfluous status
2017-03-29 15:32:29 -06:00
zerosum0x0
f0a1e12a7e
small typos
2017-03-29 15:30:35 -06:00
zerosum0x0
ffa376c514
added MS17-010 auxiliary detection module
2017-03-29 14:33:02 -06:00
David Maloney
a571bcdba4
update module description
2017-03-29 13:58:36 -05:00
David Maloney
418e371e35
add SMB2 login scanner and module
...
add smb2_login module backed by an smb2
LoginScanner class. This is a temporary alternative
to smb_login until ruby_smb catches up more on feature parity
MS-2557
2017-03-29 11:36:33 -05:00
juushya
30896d1fab
Add Cambium ePMP Arbitrary Command Execution Module
2017-03-28 00:17:36 +05:30
William Webb
66a585ab41
Land #8050 , Add Cambium ePMP System Hash Dumper
2017-03-27 12:08:53 -05:00
William Webb
935c59306b
Land #7897 , Add Cambium ePMP 1000 Device Configuration file dumper
2017-03-27 12:05:11 -05:00
William Webb
d705949b37
Land #7784 , Cambium ePMP 1000 Login Scanner
2017-03-27 12:01:56 -05:00
juushya
dd7cf39678
updated references
2017-03-25 12:31:08 +05:30
juushya
63d88c159a
updated references
2017-03-25 12:27:38 +05:30
juushya
fd5e25bcc2
restored version check
2017-03-25 12:08:00 +05:30
Patrick DeSantis
2200c9faee
Create moxa_discover.rb
2017-03-22 10:49:26 -04:00
h00die
7bcd53d87d
Land #8079 , exploit and aux for dnaLims
2017-03-20 11:08:05 -04:00
h00die
fd5345a869
updates per pr
2017-03-20 10:40:43 -04:00
Brent Cook
aa1e76f28e
Land #8128 , ensure there is a response before deferencing
2017-03-19 22:17:31 -05:00
h00die
f88a522bf5
fix #8121
2017-03-18 14:50:24 -04:00
h00die
06e6a973ce
land #7944 a scanner for Carlo Gavazzi energy meters
2017-03-18 10:35:43 -04:00
wchen-r7
a1d7748d82
Fix #8061 , Handle ::Errno::ECONNRESET in telnet_version
...
Fix #8061
2017-03-15 16:33:37 -05:00
wchen-r7
8afe6a9061
Update easy_file_sharing_ftp and add documentation
2017-03-15 16:14:41 -05:00
wchen-r7
cf8b4a78fa
Bring branch up to date with upstream-master
2017-03-14 16:48:33 -05:00
Ahmed Elhady Mohamed
183be81ba8
Easy File Sharing FTP Server Directory Traversal
2017-03-08 17:59:27 +02:00
juushya
0b5da60564
Added nil check + formatting edits
2017-03-07 02:17:21 +05:30
juushya
d99d81992f
Added nil check + formatting edits
2017-03-07 02:16:01 +05:30
juushya
05efb61d3b
Added nil check + formatting edits
2017-03-07 02:14:18 +05:30
juushya
62b0efd99d
Added nil check + formatting edits
2017-03-07 01:44:23 +05:30
juushya
9a5ab604e5
Added nil check + formatting edits
2017-03-07 01:21:07 +05:30
juushya
2d8e3c73f5
Minor edits
2017-03-07 00:20:05 +05:30
juushya
3ab214e758
Minor edits
2017-03-07 00:03:24 +05:30
juushya
e8460c3b94
Minor edit
2017-03-03 02:37:20 +05:30
juushya
fafd35330d
Add epmp1000 dump hashes module
2017-03-03 02:22:34 +05:30
juushya
c6e65b1521
Minor edits
2017-03-03 02:00:19 +05:30
juushya
6bd09c142f
Minor edits
2017-03-03 00:53:17 +05:30
juushya
c9a354b844
Added nil checks
2017-03-01 20:18:51 +05:30
wchen-r7
69c7b0168c
Restore USERNAME and PASSWORD options for owa_login
...
Requested by our own pentesters, the username & password options
should be restored so users can more easily try one password but
multiple users.
2017-02-27 15:04:06 -06:00
h00die
43550b8cdf
fixing line length
2017-02-23 19:55:23 -05:00
h00die
041238f77c
land #7896 Binom3 power meter scanner and brute
2017-02-23 19:49:50 -05:00
jvoisin
73eed104a9
Take into account @h00die's comments.
2017-02-20 13:22:20 +01:00
jvoisin
7bd6aff1cf
Add a sploit for CVE-2017-5982
2017-02-19 21:57:27 +01:00
Brent Cook
e4c324c988
Land #7941 , treat a user with no mailbox as a valid credential anyway
2017-02-17 17:09:57 -06:00
juushya
e6bfbb7c78
Added random cookie gen, res checks, & minor updates
2017-02-12 16:55:11 +05:30
juushya
906ca6c24e
Add Carlo Gavazzi module
2017-02-11 11:18:43 +05:30
James Barnett
94a234e5bf
Specify sname as http/https to keep with standards throughout the code.
2017-02-10 17:31:08 -06:00
jakxx
58779f0aaf
owa_login no mailbox bugfix
...
The owa_login module currently misses a success condition where the
creds are valid but there is no mailbox setup. This commit adds the
check for the condition for OWA 2013.
2017-02-09 21:35:58 -05:00
wchen-r7
4a9a8adaa1
Land #7928 , http_version now stores the fingerprints
2017-02-09 16:28:51 -06:00
James Lee
4f13bde471
Override `empty?` for the weird ones
...
Fixes #7899
2017-02-09 14:57:20 -06:00
Christian Mehlmauer
8ade9b8aae
Land #7905 , WordPress content injection module
2017-02-09 15:49:50 +01:00
William Vu
cf395ea7b1
Make error checks more consistent
2017-02-08 18:00:44 -06:00
William Vu
0d56676690
Add error check for listing posts
2017-02-08 17:13:12 -06:00
William Vu
766e7b013d
Once more, with feeling
2017-02-08 09:17:37 -06:00
William Vu
a71b097e6b
Revert status iteration, since it doesn't work
...
Also.
2017-02-08 09:13:42 -06:00
William Vu
6b2a995a7d
Revert AutoPublish, since it doesn't work
...
Apparently.
2017-02-08 07:43:17 -06:00
William Vu
df38a91fbd
Be nice and parse JSON for the error
2017-02-08 07:37:09 -06:00
William Vu
befe224c58
Use wordpress_and_online? before actions
2017-02-08 07:24:57 -06:00
William Vu
46ab03f528
Add SearchTerm to filter listed posts
2017-02-08 06:10:46 -06:00
William Vu
064420075f
Update diagnostics and print better header
2017-02-08 04:54:25 -06:00
William Vu
6df55c9733
Gotta catch 'em (post statuses) all
2017-02-08 04:31:06 -06:00
William Vu
7583d050b7
Add AutoPublish to publish updated posts
2017-02-08 04:01:42 -06:00
William Vu
e480107bd5
Add PostCount (default 100) to list more posts
2017-02-08 03:52:20 -06:00
William Vu
13f4b0d7ae
Be more specific with invalid post ID
2017-02-08 02:18:52 -06:00
William Vu
6f4ff89218
Add WPVDB reference
2017-02-07 18:33:58 -06:00
jvoisin
96f7b2e245
http_version now store the fngerprints
...
Currently, the `http_version` module doesn't store the fingerprints
into the database; this commit should fix this behaviour.
2017-02-07 18:36:36 +01:00
William Vu
b4056a110b
Print diagnostics if no posts found/given
2017-02-07 04:37:05 -06:00
William Vu
e1ade9caf8
Land #7910 , closed ports fix for TCP portscan
2017-02-07 02:23:15 -06:00
h00die
f531366d89
Land #7790 an aux module to extract Meteocontrol Weblog admin password
2017-02-06 15:23:06 -05:00
William Vu
8af966a132
Add WordPress content injection module
2017-02-06 04:40:26 -06:00
MatToufoutu
db77061719
do not add closed ports to database
2017-02-04 16:24:40 +01:00
juushya
d305f895ff
Fixed a typo space
2017-02-04 11:59:45 +05:30
juushya
36416c20cb
Updated check for extract fail case now + Minor edits
2017-02-04 03:00:31 +05:30
juushya
34b861403e
Minor updates
2017-02-04 01:44:18 +05:30
juushya
58a50d7dd1
Minor edits
2017-02-01 04:46:05 +05:30
juushya
6d6db2f40f
Add epmp1000 dump config module
2017-02-01 04:42:47 +05:30
juushya
20a51371ce
Minor Edits
2017-02-01 04:23:28 +05:30
juushya
423648e347
Minor edits
2017-02-01 03:53:14 +05:30
juushya
82d2777417
Minor update
2017-02-01 03:44:50 +05:30
juushya
59e31e26f2
Add Binom3 module
2017-02-01 03:35:35 +05:30
Brent Cook
3c9b1be649
Land #7883 , Fix cisco_firepower_download to pass the username properly
2017-01-27 16:31:06 -06:00
Brent Cook
4480ea7877
Land #7827 , Cisco Firepower Management Console LoginScanner
2017-01-27 16:26:40 -06:00
Brent Cook
171cc7d54e
slight wording tweak
2017-01-27 16:26:23 -06:00
wchen-r7
e6de951e3e
Fix cisco_firepower_download to pass the username properly
2017-01-27 16:25:34 -06:00
Brent Cook
a4dd1fc846
Land #7805 , Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal
2017-01-27 16:09:14 -06:00
wchen-r7
781bc8420a
Add Advantech WebAccess LoginScanner module
2017-01-26 13:54:50 -06:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Jin Qian
b4d3e9da8d
This closes #7849 on the confusing message.
...
Use result.proof which has the right message. Thanks to Wei for pointing it
2017-01-19 15:39:10 -06:00
wchen-r7
82ab4fc630
Update cisco_firepower_download module & documentation
2017-01-17 13:58:10 -06:00
juushya
7791c58d5c
rubocop check & msftidy run clean. Minor updates.
2017-01-17 01:10:39 +05:30
juushya
657c7444bf
rubocop check & msftidy clean. Few updates.
2017-01-17 00:17:57 +05:30
wchen-r7
a687073416
Add Cisco Firepower Management Console LoginScanner
2017-01-13 16:59:20 -06:00
wchen-r7
18347a8de7
Land #7774 , Fix pivoting of UDP sockets in scanners
2017-01-10 13:57:28 -06:00
wchen-r7
8194603725
Add CVE-2016-6435 - Cisco Firepower Management Console Dir Traversal
2017-01-09 14:39:37 -06:00
juushya
93168648b4
Minor update in description
2017-01-08 13:28:07 +05:30
juushya
4133a6fa97
Minor cleanup, msftidy check
2017-01-07 03:57:46 +05:30
dmohanty-r7
5cba9b0034
Land #7747 , Add LoginScanner module for BAVision IP cameras
2017-01-06 16:25:44 -06:00
juushya
ba8394ecc1
Minor updates
2017-01-06 15:34:17 +05:30
juushya
39423a70a7
Add Meteocontrol Weblog Extract Admin password module
2017-01-06 15:20:41 +05:30
juushya
c5acda0a22
Fixed the file permissions
2017-01-05 04:40:41 +05:30
juushya
c15b77c31b
Add Cambium ePMP 1000 Login Scanner module
2017-01-05 04:19:32 +05:30
Brent Cook
04a026e786
remove lies from module, this is a bound socket
2017-01-02 09:47:18 -06:00
Brent Cook
fdca963b61
check if the socket exists before closing
2016-12-30 14:59:31 -06:00
wchen-r7
144f886e8b
Add LoginScanner module for BAVision IP cameras
2016-12-23 16:22:17 -06:00
William Vu
0589948a73
Remove other rhost (oops) and fail_with
2016-12-23 16:10:21 -06:00
Jin Qian
da9ea0b85c
Change the PCRE.
2016-12-16 15:41:10 -06:00
dmohanty-r7
f74fd9e5dd
Land #7672 , support LOCKED_OUT and DISABLED login status
2016-12-16 15:11:05 -06:00
jinq102030
378d8aea36
Merge pull request #7697 from h00die/fix_colorado
...
Fix ftp traversal error conditions
2016-12-16 13:51:15 -06:00